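################################################################################
#                                                                              #
# Django : 2020-07-04 - Sample configuration for the rsync daemon on CentOS 8  #
#                                                                              #
################################################################################

# A list of all available parameters can be found in the man page for
# rsyncd.conf :
#               man rsyncd.conf
# The web page https://dokuwiki.nausch.org/doku.php/centos:rsynd_c8
# additionally offers many explanations on configuring the rsync daemon.
#
# This file is read by the rsync daemon. Comments are full lines starting with
# "#"; every parameter has the form "name = value", one per line.

################################################################################
## GLOBAL PARAMETERS
#
# This parameter allows you to specify a "message of the day" to display to
# clients on each connect. This usually contains site information and any
# legal notices. The default is no motd file.
# motd file

# This parameter tells the rsync daemon to write its process ID to that file.
# If the file already exists, the rsync daemon will abort rather than overwrite
# the file.
# pid file = /var/run/rsyncd.pid

# Specifies the default port the daemon will listen on (defaults to 873).
# port = 873

# Defines the default IP address on which the daemon will listen. The default
# is to listen on all IPv4 and IPv6 addresses.
# address

# This parameter specifies the user name or user ID that file transfers
# to and from that module should take place as when the daemon was run as
# root. In combination with the "gid" parameter this determines what file
# permissions are available. The default when run by a super-user is to
# switch to the system’s "nobody" user. The default for a non-super-user is
# to not try to change the user. See also the "gid" parameter.
uid = nobody

# This parameter specifies one or more group names/IDs that will be used when
# accessing the module. The first one will be the default group, and any extra
# ones be set as supplemental groups.
# You may also specify a "*" as the first gid in the list, which will be
# replaced by all the normal groups for the transfer’s user (see "uid"). The
# default when run by a super-user is to switch to your OS’s "nobody" (or
# perhaps "nogroup") group with no other supplementary groups. The default for
# a non-super-user is to not change any group attributes (and indeed, your OS
# may not allow a non-super-user to try to change their group settings).
gid = nobody

# When the "log file" parameter is set to a non-empty string, the rsync daemon
# will log messages to the indicated file rather than using syslog. This is
# particularly useful on systems (such as AIX) where syslog() doesn’t work for
# chrooted programs. The file is opened before chroot() is called, allowing it
# to be placed outside the transfer. If this value is set on a per-module basis
# instead of globally, the global log will still contain any authorization
# failures or config-file error messages.
# If the daemon fails to open the specified file, it will fall back to using
# syslog and output an error about the failure.
# log file = /var/log/rsyncd.log

# This parameter allows you to specify the syslog tag to use when logging
# messages from the rsync daemon. The default is "rsyncd".
# This setting has no effect if the "log file" setting is a non-empty string
# (either set in the per-modules settings, or inherited from the global
# settings).
# syslog tag = rsyncd

# This parameter allows you to specify the syslog facility name to use when
# logging messages from the rsync daemon. You may use any standard syslog
# facility name which is defined on your system.
# Common names are auth, authpriv, cron, daemon, ftp, kern, lpr, mail, news,
# security, syslog, user, uucp, local0, local1, local2, local3, local4, local5,
# local6 and local7. The default is daemon. This setting has no effect if the
# "log file" setting is a non-empty string (either set in the per-modules
# settings, or inherited from the global settings).
# syslog facility = daemon

# This parameter enables per-file logging of downloads and uploads in a format
# somewhat similar to that used by ftp daemons. The daemon always logs the
# transfer at the end, so if a transfer is aborted, no mention will be made in
# the log file.
# transfer logging = yes

# This parameter allows you to specify the maximum number of simultaneous
# connections you will allow. Any clients connecting when the maximum has been
# reached will receive a message telling them to try later. The default is 0,
# which means no limit. A negative value disables the module.
# max connections = 0

# This parameter specifies the directory in the daemon’s filesystem to make
# available in this module. You must specify this parameter for each module
# in rsyncd.conf.
# path = /home/ftp

# This parameter takes a space-separated list of daemon exclude patterns. As
# with the client --exclude option, patterns can be qualified with "- " or
# "+ " to explicitly indicate exclude/include. Only one "exclude" parameter
# can apply to a given module.
# exclude = lost+found/

# If "use chroot" is true, the rsync daemon will chroot to the "path" before
# starting the file transfer with the client. This has the advantage of extra
# protection against possible implementation security holes, but it has the
# disadvantages of requiring super-user privileges, of not being able to
# follow symbolic links that are either absolute or outside of the new root
# path and of complicating the preservation of users and groups by name.
# See the rsyncd.conf man page for more options.
# use chroot = yes

# This parameter allows you to override the client’s choice for I/O timeout for
# this module. Using this parameter you can ensure that rsync won’t wait on a
# dead client forever. The timeout is specified in seconds. A value of zero
# means no timeout and is the default. A good choice for anonymous rsync
# daemons may be 600 (giving a 10 minute timeout).
timeout = 600

# This tells the rsync daemon to completely ignore files that are not readable
# by the user. This is useful for public archives that may have some
# non-readable files among the directories, and the sysadmin doesn’t want those
# files to be seen at all.
# ignore nonreadable = yes

# This parameter allows you to select filenames based on wildcard patterns that
# should not be compressed when pulling files from the daemon (no analogous
# parameter exists to govern the pushing of files to a daemon). Compression is
# expensive in terms of CPU usage, so it is usually good to not try to compress
# files that won’t compress well, such as already compressed files.
# The "dont compress" parameter takes a space-separated list of
# case-insensitive wildcard patterns. Any source filename matching one of the
# patterns will not be compressed during transfer.
# dont compress = *.gz *.tgz *.zip *.z *.Z *.rpm *.deb *.bz2

################################################################################
## MODULES
#
# A module begins with the name of the module in square brackets and continues
# until the next module begins. Modules contain parameters of the form
# "name = value".

# This parameter specifies the directory in the daemon’s filesystem to make
# available in this module. You must specify this parameter for each module in
# rsyncd.conf.
# path = /srv/rsync-path

# This parameter specifies a description string that is displayed next to the
# module name when clients obtain a list of available modules.
# The default is no comment.
# comment =

# This parameter determines whether this module is listed when the client asks
# for a listing of available modules. In addition, if this is false, the daemon
# will pretend the module does not exist when a client denied by "hosts allow"
# or "hosts deny" attempts to access it. Realize that if "reverse lookup" is
# disabled globally but enabled for the module, the resulting reverse lookup
# to a potentially client-controlled DNS server may still reveal to the client
# that it hit an existing module. The default is for modules to be listable.
# list = yes

# This parameter allows you to specify a list of comma- and/or
# whitespace-separated patterns that are matched against a connecting client’s
# hostname and IP address. If the pattern matches then the connection is
# rejected.
# hosts deny = 192.168.1.0/24

# This parameter allows you to specify a list of comma- and/or
# whitespace-separated patterns that are matched against a connecting client’s
# hostname and IP address. If none of the patterns match, then the connection
# is rejected.
# hosts allow = *.mailserver.guru

# Module examples:
# [ftp]
# path = /var/ftp/./pub
# comment = whole ftp area (approx 6.1 GB)
#
# NOTE: "read only = false" makes the following example module writable. A
# writable module should be protected by "auth users" and a "secrets file" in
# addition to "hosts allow".
# [object]
# max connections = 2
# path = /srv/node/
# read only = false
# write only = no
# list = yes
# incoming chmod = 0644
# outgoing chmod = 0644
# lock file = /var/lock/object.lock
# hosts allow = *.mailserver.guru

# NOTE: the host restriction parameter is spelled "hosts allow"; a bare
# "allow" is not an rsyncd.conf parameter and would presumably not restrict
# access at all. After enabling this module, check the daemon log for
# unknown-parameter messages.
#[REPO]
#path = /srv/public/mailserver.guru/
#comment = repo.mailserver.guru
#hosts allow = 88.217.171.167

[demo]
# Access to this module is limited by source address only: no "auth users" or
# "secrets file" is configured, and the rsync daemon protocol does not encrypt
# the transfer. Keep the module to non-sensitive data on a trusted network.
max connections = 2
path = /var/lib/tftpboot/
comment = Demo für rsync Daemon Artikel in Djangos WIKI
list = yes
# Stated explicitly (it is also the daemon default) so that the module stays
# read-only even if a global "read only" value is introduced later.
read only = yes
hosts allow = 10.0.0.0/24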